Configuring Spanning Tree Portfast

Waiting on Spanning Tree to place a port into forwarding can cause problems with fast booting machines requesting DHCP IP Addresses. This lab will discuss and demonstrate the configuration and verification of STP PortFast.

Real World Application & Core Knowledge

So lets say an end user just bought this super fast computer that boots up in few seconds, or perhaps maybe you have a thin client on the network that boots up and request an IP address within 5 seconds. What happens when that traffic gets to the switch port?

It gets dropped. Why you ask? Because the switchport takes 15 seconds to transition from blocking to forwarding as it is listening to determinate rather or not a loop on the network exist. Once determined that no loops exist, the port is placed in learning then designated (forwarding) if the port is an access port.

So if you’re device boots up in 5 seconds and requests an IP address with the timeout of 8 seconds then you will fail to receive an IP Address as the switchport is not forwarding traffic yet.

The simple explanation is that PortFast will immediately transition a port to the forwarding state and not attempt to detect a switching loop unless a BPDU is received on the port with PortFast enabled. So plugging in multiple links on hubs, switches or bridges to the network can temporary switching loops.

Another major advantage of PortFast is that a TCN (Topology Change Notification) is not generated by spanning-tree each time a port goes up or down. This conserves resources as spanning-tree does not have to reprocess the tree every time a TCN is generated.

There are two ways to enable PortFast on a Cisco Catalyst Series switch. One way is by enabling portfast in interface configuration mode and the other way is to globally enable portfast across the entire switch.

Note that Portfast is supported on the Cisco NM-16ESW however the spanning tree portfast default feature is not.

In this lab you’ll familiarize yourself with the following commands;

Command

Description

spanning-tree portfast

This command is executed in interface configuration mode and enables portfast on a per interface basis

spanning-tree portfast default

This command is executed in global configuration and enables PortFast across the entire switch by default.

show spanning-tree interfaceinterface#/# portfast

This command is executed in privileged mode and shows rather or not portfast is enabled on the specific interface.

show spanning-tree summary

This command is executed in privileged mode to display the current status of default STP configurations including PortFast.

show spanning-tree

This command is executed in privileged mode to display a table of ports assigned to a particular VLAN and the current port status rather its FWD or BLK.

Lab Prerequisites

If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and SW1.

Establish a console session with devices R1 and SW1 than configure the devices respected hostname(s).

Configure SW1 to run Rapid-PVST.

Lab Objectives

By default, interfaces on routers are administratively shut down. Enable FastEthernet0/0 which is connected to Fa0/1 then observe the switches spanning-tree behavior via the show spanning-tree command.

Shutdown R1’s FastEthernet0/0 interface then configure PortFast on SW1’s FastEthernet0/1. Afterward; re-enable the Fa0/0 interface on R1 and ensure that Fa0/1 on SW1 is immediately transitioned to forwarding status by viewing the spanning-tree output on SW1.

Enable PortFast on all interfaces of the switch by default and do not use the spanning-tree portfast command in interface configuration mode. Verify your configuration.

This Lab instructional section is demonstrated using a Cisco Catalyst 3560 Series switch.

Lab Instruction

Step 1. – By default, interfaces on routers are administratively shut down. Enable FastEthernet0/0 which is connected to Fa0/1 then observe the switches spanning-tree behavior via the show spanning-tree command.

R1 con0 is now available
Press RETURN to get started.
*Mar 15 23:38:09.097: %SYS-5-CONFIG_I: Configured from console by console
R1#enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface fa0/0
R1(config-if)#no shut
R1(config-if)#
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
R1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed
state to up
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

As you’ll notice in the observation of spanning-tree the port is first blocking all traffic, then learning which still blocks traffic but learns MAC addresses from frames and processes BPDU’s from connected devices to determine potential switching loops then finally the port is placed into FWD (forwarding) if no layer two loop is detected by spanning tree.

Step 2. – Shutdown R1’s FastEthernet0/0 interface then configure PortFast on SW1’s FastEthernet0/1. Afterward; ee-enable the Fa0/0 interface on R1 and ensure that Fa0/1 on SW1 is immediately transitioned to forwarding status by viewing the spanning-tree output on SW1.

SW1 con0 is now available
Press RETURN to get started.
SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface fa0/1
SW1(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast has been configured on FastEthernet0/1 but will only
have effect when the interface is in a non-trunking mode.
SW1(config-if)#end
SW1#

And now to re-enable FastEthernet0/0 on R1;

R1(config-if)#no shut
R1(config-if)#
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
R1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed
state to up
R1(config-if)#

Now if you quickly view spanning-tree on SW1 you should notice that Fa0/1 is placed into FWD immediately;

Step 3. – Enable PortFast on all interfaces of the switch by default and do not use the spanning-tree portfast command in interface configuration mode. Verify your configuration.

SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#spanning-tree portfast default
%Warning: this command enables portfast by default on all interfaces. You
should now disable portfast explicitly on switched ports leading to hubs,
switches and bridges as they may create temporary bridging loops.
SW1(config)#end
SW1#

And to verify that PortFast is enabled by default use the show spanning-tree summary command as shown below;